3.9.8. UseSSL Previous topic Parent topic Child topic Next topic

This optional parameter specifies to use direct SSL or TLS to connect to the LDAP server. For more information about STARTTLS support, see Section 3.9.9. UseTLS.
Here is an example of using UseSSL:
# Enable direct SSL/TLS instead of using STARTTLS
A full SSL/TLS configuration requires setting the certificate locations and possible other parameters.
# Enable direct SSL/TLS and tell it where to find certificates

# Name of the client certificate file:
SSLCAClientCert %D/certificates/cert-clt.pem
# Name of the file containing the client private key
SSLCAClientKey %D/certificates/cert-clt.pem

# Only need to set one of the following
#SSLCAPath %D/cadirectory
SSLCAFile %D/certificates/demoCA/cacert.pem
All certificates are required to be in PEM format.
If both UseSSL and UseTLS are specified, UseSSL is prioritised.